CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload Function.
cmsmadesimple cms made simple 2.2.17